Key TakeawaysDefendant Charged: A New York individual was arraigned on a federal cyberstalking charge after a grand jury indictment early this month.AI Images Used: The…

Key TakeawaysBreach Confirmed: Nintendo of America confirmed threat actors stole survey data from TinyPulse, a third-party platform owned by WebMD Health Services.Systems Safe: Nintendo's own…

Key TakeawaysBreach Detected: One Medical Senior Health found that an unauthorized person accessed a third-party file storage system holding archived Iora Health data on June…

Key TakeawaysSix Arrested: Dutch police detained six suspects, aged 15 to 30, on suspicion of bank helpdesk fraud in Amsterdam.Caught Mid-Call: Officers found the suspects…

Key TakeawaysExternal Breach: Australian Clinical Labs announced a cyber incident at an external IT service provider used by SunDoctors, resulting in unauthorized access.Broad Notification: The…

Key TakeawaysSteam Workshop: Researchers found dozens of malicious wallpapers on Steam Workshop that exploit Wallpaper Engine.Malware Mix: Payloads include DarkKomet, Lumma and Vidar infostealers, and…

Key TakeawaysCampaign Discovered: A widespread hacking campaign dubbed FortiBleed has compromised tens of thousands of Fortinet firewalls and VPNs worldwide.Simple Method: Attackers use automated scanning…

Key TakeawaysIPVanish Incognito Mode: New security events stay hidden while Threat Protection Pro remains active.Protection Continues: Malicious websites, downloads, files, and network attacks are still…

Key TakeawaysDausos VPN Protocol Update: Improves connection reliability on school, university, and corporate networks with strict firewall restrictions.Connectivity Issue Resolved: Addresses previous connection failures experienced…

Key TakeawaysMalicious Plugins: Researchers found 15 malicious JetBrains plugins posing as AI coding tools on the JetBrains Marketplace.Keys Targeted: The plugins target the exfiltration of…

Key TakeawaysBreach Confirmed: Kodak confirmed an unauthorized third party gained temporary access to a limited amount of company data.Records Claimed: ShinyHunters claims it stole over…

Key TakeawaysStealth C2 Obfuscation: DragonForce threat actors obfuscated command-and-control traffic within Microsoft Teams' TURN relay servers utilizing Backdoor.Turn.First Documented: Backdoor.Turn represents the first identified malware…

Key TakeawaysAuthorization Flaw: A bug in FIFA's back-end API skipped authorization checks, opening access to internal platforms.TV Control: One exposed system let users control what…

Key TakeawaysMassive Theft Claimed: FulcrumSec says it stole more than a terabyte of data from Novo Nordisk, the Wegovy and Ozempic maker.Ransom Refused: The group…

Key TakeawaysUK VPN restrictions: Government may announce measures to prevent children bypassing planned social media limits.Age verification concerns: Critics warn enforcement could require broader age…

Key TakeawaysPhaaS Kit: EvilTokens is a phishing-as-a-service kit built to compromise Microsoft 365 accounts by abusing the OAuth 2.0 device authorization grant flow.Wide Campaigns: Advertised…

Key TakeawaysUnauthorized Activity: iRhythm Holdings detected unauthorized activity on third-party applications and launched an external investigation.Extortion Demand: A threat actor issued a payment demand on…

Key TakeawaysBreach Claimed: ShinyHunters claims to have breached the Council of Europe, targeting internal HR and personnel systems.Data Volume: The threat actor alleges exfiltration of…

Key TakeawaysSamsung MAX VPN Shutdown: Service ended June 15, disabling VPN protection and mobile data-saving features completely.App Remains Installed: Samsung MAX stays on devices but…

Key TakeawaysTargeted Attack: Infinite Campus was hit by a ShinyHunters "pay or leak" extortion campaign in March 2026.Data Published: The cybersecurity incident affected more than…